Early NFT investor embarrassed by no resale interest

The recent surge in NFT coverage in tyhe technology and financial press was typified by the story of an early NFT auction in which an investor paid $2.9m for an NFT linked to Twitter Founder Jack Dorsey’s first ever Tweet on the platform. This, it was claimed, was an example of how new value could be created using NFTs and how investing in buying and selling NFTs would be the next big thing. The sales of NFTs have indeed grown large though the residual value, and ROI on the resale of NFTs have been much less impressive.

In the interim it has been widely reported not only that NFT exchanges have struggled with growing numbers or fraudulent issues, fake NFTs, market manipulation, price rigging and thefts (ironically specifically the issues that block chain technologies are intended to prevent) but also that a lot of the apparent liquidity in NFT markets (the number of buy/sell transactions) has been artificially (and illegally) inflated by the same parties being on both sides of the transaction in any attempt to give the impression that NFT are easily/quickly traded and that prices are going up.

In what must be considered a massive PR blow to the industry as a whole, the buyer of this famous first Tweet NFT, Sina Estavi has recently tried to sell what is probably the most famous NFT in existence for sale referring to it as the “Mona Lisa of the Digital World” for an eye-watering $48m on the OpenSea NFT exchange (asking more than 16x what he paid for it in March 2021) and was met with initially offers of only hunderds of dollars and at the time of writing a highest bid of just $6’800 – some 0.000141 of the asking price and barely 0.0023 of what he paid for it. Surely a “rug pull” of epic proportions.

Our condolensces go to Mr Estavi who had allegedly planned to donate about $25m of the expected proceeds to charity though we think he has badly mis-judged what he has purchased. While he claims this NFT is the “Mona Lisa of the Digital World” – something which would indeed be priceless, surely what he has actually bought is an NFT for a photo of the Mona Lisa which can be bought in any gift shop for a few dollars or downloaded from the Web for free. 

Perhaps more correctly he bought $2.9m of attention/publicity for himself and the new NFT exchange he is launching whilst the NFT that remains behind when the news stories and buzz are forgotten actually captures very little inherent value beyond the attention and novelty they generate. Who was the second woman to fly solo across the Atlantic? The second athelete to break a 4-minute mile? No-one remembers and I suspect the the second person to own this NFT might be equally forgetable.

Perhaps NFTs are becoming a new currency of the “attention economy” joining subscribers, likes and upvotes. In any case potential investors must now surely be ultra-careful about certificates pointing to notional assets that are hard (impossible) to differentiate from the free alternatives.

Whack-a-Mole at Cent NFT exchange and piracy on the OpenSea

The US-based NFT trading platform, Cent, which stunned an unsuspecting public by selling an NFT of Jack Dorsey’s first ever tweet on Twitter for £2.1 million has recently suspended trading of (most) NFT assets because “people were selling tokens of content that did not belong to them”, with its co-founder Cameron Hejazi admitting this was a “fundamental problem” in the fast-growing digital assets market. Whilst the Cent marketplace has stopped general NFT sales, the part specifically for selling NFTs of tweets, which Cent calls “Valuables” (sic) is still operating.

“There’s a spectrum of activity that is happening that basically shouldn’t be happening – like, legally” said co-founder Hejazi, highlighting three main problems:

  • People selling unauthorized copies of other NFTs (aka Counterfeiting)
  • People making NFTs of content which does not belong to them (aka Fraud)
  • People selling sets of NFTs which resemble a security (aka Securities Fraud)

Additionally there is (at least) a fourth problem – there has been substantial reported activity where the same party buys/sells their own NFTs (so-called wash-trading) in order to make the NFT market or asset appear more valuable/popular than it actually is. In a market where (quite apart from the value of the asset it points to) the token itself has virtually no value other than the public interest in it and so this amounts to serious market manipulation. This is a form of securities fraud which has been illegal in the US since 1936.

Hejazi was apparently not trying to downplay the situation when he described these issues as “rampant,” with users “minting and minting and minting counterfeit digital assets.” “It kept happening. We would ban offending accounts but it was like we’re playing a game of whack-a-mole… Every time we would ban one, another one would come up, or three more would come up.”

It appears that there is potential systemic and market risk in a marketplace which cannot effectively prevent users fraudulently trading on its systems and the liability for any losses incurred might seem to be a troubling future possibility for the operators of such platforms.

Its not difficult to see the appeal of the model: It seems to follow naturally from the notion that the one thing better than making money from things you make/buy/sell is making money from things that OTHER PEOPLE make/buy/sell.  A model delivering huge financial sucess to Amazon MarketPlace, Apple AppStore and eBay in recent years.

After all, NFTs require neither physical storage space nor distribution network, require neglible power and no materials to make, require no maintenance and yet (currently) sell for what can only be described as “incredible” prices (i.e., not believable). If you are an exchange or trading platform for NFTs than you don’t even need to expend any effort on creating the assets in the first place. What modern digital company wouldn’t want a piece of that emerging market? For those old enough to remember buying virtual t-shirts and virtual baseball caps for real money in Second Life – we seem to be heading back to the digital store to buy more digital stuff – one wonders whether this is primarily because our lives and our homes are already full to the brim of the physical stuff  that we’ve been buying for the last decade or two.

How can firms continue to grow and place products in markets that are already choking with stuff and where the cost of manufacturing, materials, offsetting pollution and disposal of waste are becoming such hot topics? The answers to these problems may become more visible as more global brands join the NFT gold rush focussed on selling us pointers/receipts to things we don’t actually own. Amazon solves this problem elegantly as they increasingly sell products manufactured stored shipped by other people and as they move from paper books (assets which we actually own when we buy them and can be sold or given away) to Kindle eBooks which we do NOT own but rather license from Amazon. Whilst licenses vary beteeen platforms and can change over time essentially the rights to read an ebook typically end with the death of the orginal customer. Makes you wonder what will happens with NFTs: will they be “bearer instruments” like a bond that anyone can carry around or named contracts like modern equity registers? Will they be timeless like a book or time-bound like an ebook license? So many questions… 

With Coca-Cola, Gucci and Nike featuring among companies to have already sold NFTs, Nike has even bought a virtual sneaker maker to sell digital shoes  (no mention of where our digital socks or our digital feet will be coming from).  Alphabet-owned company YouTube has said it will explore NFT features, presumably to further license and monetise the huge amounts of digital content on its platform (perhaps as an alternative to ad revenues) or the confusing YouTube Red aka YouTube Premium. 

Confidence issues however are more widespread then just around a single platform.  The biggest NFT marketplace, OpenSea, currently valued at $13.3 billion, said last month more than 80% of the NFTs minted for free on its platform were “plagiarized works, fake collections and spam.” For the avoidance of doubt an OpenSea spokesperson did confirm that “It is against our policy to sell NFTs using plagiarized content”. This will perhaps be of minimal comfort to anyone who has already handed over good money for a fake NFT, has seen valid NFTs of their copyright works illegally minted or more generally to the investors behind OpenSea. One wonders if the connection between (the) OpenSea and the traditional home of pirates occured to the marketing department at the time they were choosing a name or if indeed the universe really is powered by irony as some have suggested.

 More recently “at least three opportunists exploited the OpenSea loophole Monday, making away with over $1 million worth of ether in ensuing NFT sales, according to blockchain analytics firm Elliptic. One user (jpegdegenlove), paid roughly $133,000 for seven NFTs, before flipping the digital collectibles on OpenSea for $934,000 of ether.”  The issue is being characterised as a “UI Issue”. According to Blockworks OpenSea reportedly had a bug in its marketplace that destroyed 42 NFTs last year, but was fixed within a day. 

Despite the fairly obvious conclusion that markets littered with fakes, stolen assets and fraudsters are not only “problematic” (but are perhaps to be avoided entirely), sales of NFTs have nevertheless rocketed to around £18 billion in 2021, leaving many baffled (including the author) as to where the money is coming from and why so much of it is being spent on items that do not physically exist and which typically anyone can view online for free.

Its a very very good question.

To many NFT-enthusiasts, the decentralised nature of blockchain technology is appealing, allowing users to create and trade digital assets without a central authority controlling the activity, though it appears that a lack of a central authority may, ironically, be NFT’s single biggest weakness if it cannot quickly and successfully assert a credible and trustworthy way of creating and trading digital assets. Cent has talked about putting centralised controls in place whilst they figure out how to make the platform work.

Who are they for?

Much has been made of the ability for musicians and artists to recoup some of their diminishing copyright revenues as art and content production has increasingly moved into the world of streaming and downloads – the question, however, remains what can you DO with a token for an asset:

  • That potentially everyone else has access to anyway (without paying)
  • That confers no control nor ownership rights over the original asset

There seem to be a few reasons so far:

  1.  Speculate with it – i.e. attempt to re-sell it while the price is still going up. Otherwise, like a game of pass-the-parcel , the market may eventually determine the asset’s price is largely determine by buzz  (see Wash-Trading) rather than any underlying value and is now worth less than you paid for it. This makes NFTs feel like a quick-in-quick-out trading opportunity with the guy holding the NFT parcel when the music stops potentially badly out of pocket.
  2. Gain attention (participate) with it – i.e. derive a vicarious pleasure and attention from owning something that notionally links you with a famous item or person whether or not the certificate is eventually worth more than you paid for it. There is a story about US actor John de Lancie (who played the iconic Star Trek character known as “Q”) appearing at an auction of sci-fi memorabilia despite feeling very ill with the flu whereupon a fan paid $60 for his unfinished glass of water in order to obtain “a copy of the Q-Virus.” People will, it seems, buy virtually anything if the story behind it is suitably compelling. John de Lancie accepted the $60 on behalf of a charity and has fully recovered whilst little is known about where the virus is now.
  3. Support art/culture with it – i.e. find a method of supporting artists and content producers who have had previously rivalrous goods like albums, CDs and videos replaced by non-rivalrous and heavily-pirated digital versions. NFTs might be a method to support artists though a connection to older works/pieces but whether this is more attractive and represents a better relationship between the artist and the fans than something like a Patreon subscription remains to be seen,

Other than appeasing die-hard Star Trek fans (which is probably not the primary market the NFT exchanges are looking at) the more interesting question for the longevity of NFT is whether you can invest in them – given they don’t age or degrade (unlike the assets they point to). There will never be fewer of them (only more) and like signed books, albums, autographs and celebrity-owned items, the risk is that they are (currently) easy to fake and thus the market is full of counterfeits. Remember even a valid NFT isn’t the real thing- only a certificate. Its like buying the certificate for a Hendrix guitar but not actually the guitar … I’m not sure I see the attraction.

Critics have observed that in a poorly regulated market NFT’s may also be a convenient method to soak up (or even launder) large amounts of cash that individuals and organisations would prefer local tax authorities knew little about. Anti-money laundering groups are doubtless keeping a close eye on this space since a recent US Treasury report on money laundering and art works.

Looking back to the evolution of earlier electronic financial markets 1980’s-1990’s there were undendeniably widespread problems in understanding how the markets worked and how the assets should be priced. NFTs may experience these same problems as markets develop with early wild over-pricing being replaced by more conservative methods and practices. 

Broader block-chain technologies and digital currencies based on proof-of-work or proof-of-control are doubtless interesting approaches with growing applications (albeit some with ugly environmental costs) and NFTs are part of this broader landscape.  Without better regulation and processes the current NFT landscape may be no more than the latest get-rich-quick scheme for traders to get in and out before the markets collapse. With better understanding tools and regulation we might be seeing the formation of new markets in novel digital assets that will actually hold value and fund arts/business for longer term investors to capture and increase value over time.

Time will tell how quickly the NFT Goldrush can be made safe and secure for the general public and the general investor but for now anyone putting up serious cash in an unproven market for an uncertain digital token is living in the wild west.

It is perhaps worth noting that the only people who consistently make money in the wild west during the gold rushes were the businesses selling shovels.


Terms/ Concepts

NFTs (or Non-Fungible Tokens) are crypto assets that record the ownership of a digital asset such as an image, video or text. Anyone can create, or “mint,” an NFT, however ownership of the token does not usually confer control over or ownership of the underlying item nor is there (as yet) a reliable method of ensuring that the individual minting the NFT has any right to do so especially where they do not own the original underlying asset.

Fungible: Despite having serial numbers Notes/Bills (incl pound notes and dollar bills!), stock certificates, bond certificates and similar physical financial certificates are handled de facto as though they are identical and can be freely swapped for another bill, note or certificate of the same denomination – they are fungible-  i.e. equivalent/interchangeable. NFT’s however represent unique and NON-Fungilble records which are interesting because of their unique nature.

Rights: When we paint a watercolour scene on paper and sell it we no longer have the painting after the sale: the purchaser does. These are “rivalrous goods” such that EITHER I have the painting or the buyer does. Digital goods in contrast may be “non-rivalrous” in that if we paint a digital portrait and sell the image we can still have what is effectively the SAME image as the purchaser after the sale – differences between two copies of an unsigned digital image file can range from tiny to non-existent. Digital rights, especially around non-rivalrous goods like digital assets may be poorly defined/understood in many areas leading to misunderstandings around what rights/materials the buyer is obtaining.

Scams: Despite the intention to digitally certifiy individual ownership reliably, reports of scams, counterfeits and so-called “wash trading” have become commonplace. Individuals are minting reproductions of supposedly unique NFTs pointing to underlying assets, minting NFTs pointing to assets (including artworks) over which they have no rights.

Wash trading: “wash trading” is where the same individual is on both sides of the trade (buy and sell) which attempts to paint a misleading picture inflating the apparent interest in an asset and thereby inflating the perception of the asset’s value and liquidity.

Government agencies are tapping a facial recognition company to prove you’re you – here’s why that raises concerns about privacy, accuracy and fairness


 Beginning this summer, you might need to upload a selfie and a photo ID to a private company, ID.me, if you want to file your taxes online.

Oscar Wong/Moment via Getty Images

James Hendler, Rensselaer Polytechnic Institute

The U.S. Internal Revenue Service is planning to require citizens to create accounts with a private facial recognition company in order to file taxes online. The IRS is joining a growing number of federal and state agencies that have contracted with ID.me to authenticate the identities of people accessing services.

The IRS’s move is aimed at cutting down on identity theft, a crime that affects millions of Americans. The IRS, in particular, has reported a number of tax filings from people claiming to be others, and fraud in many of the programs that were administered as part of the American Relief Plan has been a major concern to the government.

The IRS decision has prompted a backlash, in part over concerns about requiring citizens to use facial recognition technology and in part over difficulties some people have had in using the system, particularly with some state agencies that provide unemployment benefits. The reaction has prompted the IRS to revisit its decision.

a webpage with the IRS logo in the top left corner and buttons for creating or logging into an account




Here’s what greets you when you click the link to sign into your IRS account. If current plans remain in place, the blue button will go away in the summer of 2022.
Screenshot, IRS sign-in webpage

As a computer science researcher and the chair of the Global Technology Policy Council of the Association for Computing Machinery, I have been involved in exploring some of the issues with government use of facial recognition technology, both its use and its potential flaws. There have been a great number of concerns raised over the general use of this technology in policing and other government functions, often focused on whether the accuracy of these algorithms can have discriminatory affects. In the case of ID.me, there are other issues involved as well.

ID dot who?

ID.me is a private company that formed as TroopSwap, a site that offered retail discounts to members of the armed forces. As part of that effort, the company created an ID service so that military staff who qualified for discounts at various companies could prove they were, indeed, service members. In 2013, the company renamed itself ID.me and started to market its ID service more broadly. The U.S. Department of Veterans Affairs began using the technology in 2016, the company’s first government use.

To use ID.me, a user loads a mobile phone app and takes a selfie – a photo of their own face. ID.me then compares that image to various IDs that it obtains either through open records or through information that applicants provide through the app. If it finds a match, it creates an account and uses image recognition for ID. If it cannot perform a match, users can contact a “trusted referee” and have a video call to fix the problem.

A number of companies and states have been using ID.me for several years. News reports have documented problems people have had with ID.me failing to authenticate them, and with the company’s customer support in resolving those problems. Also, the system’s technology requirements could widen the digital divide, making it harder for many of the people who need government services the most to access them.

But much of the concern about the IRS and other federal agencies using ID.me revolves around its use of facial recognition technology and collection of biometric data.

Accuracy and bias

To start with, there are a number of general concerns about the accuracy of facial recognition technologies and whether there are discriminatory biases in their accuracy. These have led the Association for Computing Machinery, among other organizations, to call for a moratorium on government use of facial recognition technology.

A study of commercial and academic facial recognition algorithms by the National Institute of Standards and Technology found that U.S. facial-matching algorithms generally have higher false positive rates for Asian and Black faces than for white faces, although recent results have improved. ID.me claims that there is no racial bias in its face-matching verification process.

There are many other conditions that can also cause inaccuracy – physical changes caused by illness or an accident, hair loss due to chemotherapy, color change due to aging, gender conversions and others. How any company, including ID.me, handles such situations is unclear, and this is one issue that has raised concerns. Imagine having a disfiguring accident and not being able to log into your medical insurance company’s website because of damage to your face.




Facial recognition technology is spreading fast. Is the technology – and society – ready?

Data privacy

There are other issues that go beyond the question of just how well the algorithm works. As part of its process, ID.me collects a very large amount of personal information. It has a very long and difficult-to-read privacy policy, but essentially while ID.me doesn’t share most of the personal information, it does share various information about internet use and website visits with other partners. The nature of these exchanges is not immediately apparent.

So one question that arises is what level of information the company shares with the government, and whether the information can be used in tracking U.S. citizens between regulated boundaries that apply to government agencies. Privacy advocates on both the left and right have long opposed any form of a mandatory uniform government identification card. Does handing off the identification to a private company allow the government to essentially achieve this through subterfuge? It’s not difficult to imagine that some states – and maybe eventually the federal government – could insist on an identification from ID.me or one of its competitors to access government services, get medical coverage and even to vote.

As Joy Buolamwini, an MIT AI researcher and founder of the Algorithmic Justice League, argued, beyond accuracy and bias issues is the question of the right not to use biometric technology. “Government pressure on citizens to share their biometric data with the government affects all of us — no matter your race, gender, or political affiliations,” she wrote.

Too many unknowns for comfort

Another issue is who audits ID.me for the security of its applications? While no one is accusing ID.me of bad practices, security researchers are worried about how the company may protect the incredible level of personal information it will end up with. Imagine a security breach that released the IRS information for millions of taxpayers. In the fast-changing world of cybersecurity, with threats ranging from individual hacking to international criminal activities, experts would like assurance that a company provided with so much personal information is using state-of-the-art security and keeping it up to date.

[Over 140,000 readers rely on The Conversation’s newsletters to understand the world. Sign up today.]

Much of the questioning of the IRS decision comes because these are early days for government use of private companies to provide biometric security, and some of the details are still not fully explained. Even if you grant that the IRS use of the technology is appropriately limited, this is potentially the start of what could quickly snowball to many government agencies using commercial facial recognition companies to get around regulations that were put in place specifically to rein in government powers.

The U.S. stands at the edge of a slippery slope, and while that doesn’t mean facial recognition technology shouldn’t be used at all, I believe it does mean that the government should put a lot more care and due diligence into exploring the terrain ahead before taking those critical first steps.The Conversation

James Hendler, Professor of Computer, Web and Cognitive Sciences, Rensselaer Polytechnic Institute

This article is republished from The Conversation under a Creative Commons license. Read the original article.

James Hendler, Professor of Computer, Web and Cognitive Sciences, Rensselaer Polytechnic Institute
This article is republished from The Conversation under a Creative Commons license. 

Free Speech – American Style

by Kieron O’Hara

25th Jan, 2021
The dust is settling on the chaotic aftermath of the American election, and debate is opening up about free speech: in particular, was Twitter right to deny President Trump, as he then was, access, and was the tech world in general right to round upon far right platforms, notably pushing Parler offline? Even some of Mr Trump’s biggest enemies were concerned.
This is all complicated by our prior views on a number of topics: the positive and negative aspects of social media and the companies that run the networks, Schadenfreude or sympathy for Mr Trump, and the status of mob protest, as surprisingly many commentators are relatively sanguine about political violence when it comes from ideological directions with which they are comfortable. One academic concluded in 2013 that “the use of insurrectionary symbolic damage is a reminder of the failings of representative democracy in how it deals with political conflicts”, which is more or less the MAGA line, if perhaps less pithily expressed.
So, were Twitter and Facebook right to remove Trump’s platform? There are a number of ad hominem points to be made that don’t really affect the philosophical ones. Yes, Mr Trump did rather ask for it. No, the offending comments that were the last straw were nowhere near as incendiary as some that he had made previously without anyone at Twitter worrying about them. No, it is not coincidental that Mr Trump was banished after he was confirmed as the loser of the 2020 election, and so had become the lamest of lame ducks.
What the imbroglio does show is the peculiar mix of ethics, law and politics that makes it hard to translate American moral discourse into foreign contexts. It particularly matters when we consider Internet rights, because the US contains highly local ideological framings of Internet governance, as Wendy Hall and I have written, and describe in a forthcoming book, Four Internets.
This is an American argument, pitting an American company against an American individual who happens to be a businessman and politician of some prominence in America. Hence the context is not the broad issue of whether and when people should be allowed to say what they wish, but specifically the First Amendment of the US Constitution. This states that Congress should not pass any law that abridges freedom of speech or the press.
Note first that this applies only to Congress; as with most of the US Constitution, it is intended to protect private citizens from the government, not each other. So on the face of it, the First Amendment is, unlike many of today’s commentators, silent on the topic of Twitter and Trump. Twitter is a private actor, and not the direct target of the Amendment.
But is the government obliged to ensure Mr Trump is heard? After all, freedom of speech is surely abridged if people are denied platforms from which to speak. Perhaps the government’s responsibility is to prevent such abridgement on its territory.
A private person of course has preferences. Suppose someone stood on a soapbox in your back garden and started spouting views of which you disapproved. You would want the power to stop him, and rightly. And to complicate the argument, this power is understood, legally, in the US as your free speech – your free speech rights extend to your control of the speech that emerges from of your territory. If you owned a company, then you could close down the speech of an employee who used your communications to say something of which you disapproved, although it would be different if they used their own media.
Twitter, it is plain to see, is not a person. But this truism is less relevant, because in US law, corporations have relatively prominent legal personalities compared to other jurisdictions. Naturally, Twitter has no opinions, but it does have business interests, and any business might well wish to suppress statements that could damage its interests.
What if you were director of a company that owned a shopping mall, and wanted to prevent someone going into the mall and criticising the shops that rented space, directly outside their doors. Whose free speech counts now – yours, or the protestor’s? Is a shopping mall a public or a private space in the relevant sense? The police are called, and the government has to decide whether to defend the protestor’s right to speak ill of your clients, or your right to throw him out. It turns out that in the US, the police defend your rights, and not the protestor’s. Once the protestor is on the (public) pavement, then his rights take precedence, but not inside the (private) mall.
What about a privately-owned communications company? Can a mail service refuse to take a letter, or a telephone company a call? No, the government will defend the rights of the protestor in that case. The services are so-called common carriers, obliged to take the communications of anyone willing to pay the price, but as a quid pro quo not held liable for the speech they carry, be it libellous or hateful. It is an infringement of free speech if a common carrier will not take your communication, and the government’s obligation is to ensure the protestor gets heard.
So now comes the question: is Twitter more like a shopping mall, or a mail service? On the one hand, it is sheltered from any liability that would follow from what is posted upon it (unlike, say, a publisher, which would be liable for incitements to violence it published), as an “interactive computer service” in the terms of the 1996 Communications Decency Act (but not a common carrier). On the other, the US Supreme Court has recently tended, in cases of this kind, to defend the freedom of private entities such as Twitter to suppress speech on their media of which they do not approve (even if only to protect their business interests), rather than to order government to defend the freedom of speech of those who would wish to use private media.
So Twitter’s calculation was legally and economically hard-headed. Cancelling Candidate Trump, or President Trump in his pomp would have had repercussions – indeed, in an argument with Twitter, Mr Trump, in tandem with many other Republicans and Democrats, even threatened to repeal the aforesaid Communications Decency Act, which could have killed off Twitter, and many other social media, entirely. But giving Ex-President Trump a platform, especially after his loser status had been confirmed by Congress, and after his support had been undermined still further by what looked remarkably like a failed coup d’état, could be even more dangerous, especially as Mr Trump is likely to turn his post-election wrath on the Republican opposition as well as the Democratic government (i.e. everyone). After the riot, and after the confirmation of the electoral college result, the calculation changed. And Twitter’s calculation is what counts.
Is it a correct one? Probably. Although its share price fell upon Mr Trump’s defenestration, during the course of 2020 more and more advertisers prevented their ads appearing alongside his increasingly unhinged witterings. Twitter seeks to maximise engagement. As Commander-in-Chief, Mr Trump’s tweets were certainly engaging; now he is just another alt-right troll, maybe not so.
Facebook made a different calculation. It dropped Mr Trump as did Twitter, for the same reasons, but it is a more global company, and it needs to operate in contexts where free speech judgments carry less legal baggage. Consequently its ex-Eurocrat Vice President Sir Nick Clegg, who handles its international PR, has sent the decision to its Oversight Board for confirmation. This will happily delay the decision for long enough that, whichever way it goes (and it will find in Mr Trump’s favour), the heat will be drawn from the American political situation. Yet, although the Board will produce a piece of philosophical argument expressed in the most highfalutin prose, the decision itself – indeed, the very existence of the Oversight Board – remains a business decision, a hard-headed calculation of the long term interests of Facebook.
Finally, it is worth pointing out that Facebook’s Oversight Board has given it a number of advantages over Twitter’s command and control. It functions as the long grass into which the problem has been kicked, while simultaneously allowing the removal of Mr Trump during this tense period. And it gives the illusion of making a moral decision independent of the specifics of American politics, American business and American law. Sir Nick won’t have to apologise after this process is complete.

The post Free Speech – American Style appeared first on Web Science Trust.

Robot vacuum cleaners can spy on private conversations

When your robot vacuum cleaner does its work around the house, beware that it could pick up private conversations along with the dust and dirt. Computer scientists from NUS have demonstrated that it is indeed possible to spy on private conversations using a common robot vacuum cleaner and its built-in Light Detection and Ranging (Lidar) sensor.

The novel method, called LidarPhone, repurposes the Lidar sensor that a robot vacuum cleaner normally uses for navigating around a home into a laser-based microphone to eavesdrop on private conversations.

The research team, led by Assistant Professor Jun Han from NUS Computer Science, and his doctoral student Mr Sriram Sami, managed to recover speech data with high accuracy. NUS students, Mr Dai Yimin and Mr Sean Tan Rui Xiang, as well as Assistant Professor Nirupam Roy from the University of Maryland, also contributed to this work.

Mr Sami shared, “The proliferation of smart devices – including smart speakers and smart security cameras – has increased the avenues for hackers to snoop on our private moments. Our method shows it is now possible to gather sensitive data just by using something as innocuous as a household robot vacuum cleaner. Our work demonstrates the urgent need to find practical solutions to prevent such malicious attacks.”

The work was presented at the Association for Computing Machinery’s Conference on Embedded Networked Sensor Systems (SenSys 2020) on 18 November 2020, where the team clinched the Best Poster Runner Up Award.

How the attack works

The core of the LidarPhone attack method is the Lidar sensor, a device which fires out an invisible scanning laser, and creates a map of its surroundings. By reflecting lasers off common objects such as a dustbin or a takeaway bag located near a person’s computer speaker or television soundbar, the attacker could obtain information about the original sound that made the objects’ surfaces vibrate. Using applied signal processing and deep learning algorithms, speech could be recovered from the audio data, and sensitive information could potentially be obtained.

In their experiments, the researchers used a common robot vacuum cleaner with two sources of sound. One was the voice of a person reading out numbers played from a computer speaker, while the other source was music clips from television shows played through a television soundbar.

The team collected more than 19 hours of recorded audio files and passed them through deep learning algorithms that were trained to either match human voices or identify musical sequences. The system was able to detect the digits being spoken aloud, which could constitute a victim’s credit card or bank account numbers. Music clips from television shows could potentially disclose the victim’s viewing preferences or political orientation. The system achieved a classification accuracy rate of 91 per cent when recovering spoken digits, and a 90 per cent accuracy rate when classifying music clips. These results are significantly higher than a random guess of 10 per cent.

The researchers also experimented with common household materials to test how well they reflected the Lidar laser beam and found that the accuracy of audio recovery varied between different materials. They discovered the best material for reflecting the laser beam was a glossy polypropylene bag, while the worst was glossy cardboard.

Preventing such attacks

To prevent Lidars from being misused, the researchers recommend users to consider not connecting their robot vacuum cleaners to the Internet. The team also recommends that Lidar sensor manufacturers incorporate a mechanism that cannot be overridden, to prevent the internal laser from firing when the Lidar is not rotating.

“In the long term, we should consider whether our desire to have increasingly ‘smart’ homes is worth the potential privacy implications. We might have to accept that each new Internet-connected sensing device brought into our homes poses an additional risk to our privacy, and make our choices carefully,” shared Asst Prof Han.

Future work

The team is working on applying ideas learnt from LidarPhone to autonomous vehicles – which also use Lidar sensors – as they could also be used to eavesdrop on conversations happening in nearby cars through minute vibrations of the car windows. They are also looking at the vulnerability of active laser sensors found on the latest smartphones, which could reveal further privacy issues.

This post orginally appeared on http://nus.edu.sg/

The post Robot vacuum cleaners can spy on private conversations appeared first on Web Science Trust.